Closed Bug 146074 Opened 23 years ago Closed 23 years ago

Proxy-authorization not on all requests after authentication

Categories

(Core :: Networking: HTTP, defect, P2)

Product:
Core
Component:
Networking: HTTP
Platform:
x86
Windows 2000
Type:
defect

Tracking

()

Status:
VERIFIED FIXED
Milestone:
mozilla1.0.1

People

(Reporter: dsmutil, Assigned: darin.moz)

References

Details

(Keywords: regression, Whiteboard: [adt1 RTM])

Attachments

(1 file)

v1 patch
1.20 KB, patch
jesup
: review+
rpotts
: superreview+
chofmann
: approval+
Details | Diff | Splinter Review
From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0rc2) Gecko/20020510 BuildID: 2002051006 After authenticating to the proxy server, all GET, PUT, and POST requests should have the Proxy-authorization: entry in the header. However, it is not offered until it receives a 407 (Proxy Authentication Required) response from the proxy. This can cause some items to not load properly when using Squid. This may be the cause of bug 140038 since it tends to cause "Connection refused" and "Document contains no data" errors. Reproducible: Always Steps to Reproduce: 1. Configure web browser to use a proxy server that requires authentication (I'm using a PAC file). 2. Capture packets... 3. Load a page that has several images or other objects. 4. View capture. Actual Results: Each new connection to the proxy does not have the Proxy-authentication: header, causing a 407 error and an error page downloaded. The request is then tried again. Usually the second request will have the authentication information but sometimes three or more requests are sent without authentication. Expected Results: Each new connection to a proxy server that has already been authenticated to should automatically offer the authentication information. Direct connections (via .PAC) and other proxy servers would not be sent the authentication information. Similar to bug 140773 but that bug says the authentication is only sent the first time; I'm discovering that it's only sent AFTER the first time so it may be a different problem.
Keywords: 4xp
this is a major regression... thanks for pointing it out. investigating...
Severity: normal → major
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Keywords: mozilla1.0, nsbeta1, regression
Priority: -- → P2
Whiteboard: [adt1 RTM]
Target Milestone: --- → mozilla1.0.1
Attached patch v1 patchSplinter Review
simple fix
*** Bug 140773 has been marked as a duplicate of this bug. ***
hey darin, isn't the following code... + // path's can be empty (even NULL) + if (!path || !*path) { + if (!entryPath || !*entryPath) { *result = entry; break; really just, if (!path && !entryPath) { *result = entry; break; } it's not a big deal, but the double if is kinda mind-bending :-) -- rick
oops.. ignore my last post :-) i was misreading the patch :-( -- rick
Darin - should that be strncasecmp instead of strncmp?
Comment on attachment 84563 [details] [diff] [review] v1 patch r=rjesup@wgate.com under the assumption that the URLs in the entries and passed in are case-normalized already.
Attachment #84563 - Flags: review+
Darin - let's get this into trunk and go for approval
Keywords: approval
rjesup: http URL paths are case sensitive, so strncmp is correct. thx for the review.
fixed-on-trunk
Keywords: adt1.0.0
Whiteboard: [adt1 RTM] → [adt1 RTM][fixed trunk]
Comment on attachment 84563 [details] [diff] [review] v1 patch a=chofmann,jesup,shaver. need to get this in tonight if it's going to make the rc3/1.0 train.
Attachment #84563 - Flags: approval+
fixed-on-branch
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Keywords: fixed1.0.0
Resolution: --- → FIXED
Case-sensitive URL's - I was thinking the hostname was still included here, but it's not, this is the path following the hostname. http: (etc) hostnames are case-insensitive as per the W3C spec. My apologies; just trying to be ultra-paranoid about late fixes.
Wow! A patch in a half hour and checked in within 2 1/2. Thanks.
Dan: thank you very much for pointing out this bug... i'd hate to have seen mozilla 1.0 go out with this bug!! we really need better regression testing for things like this.
Keywords: adt1.0.0
checked this with packet trace of authenticated proxy transaction. (Used tegu.mozilla.org.) Proxy-authorization: header is now sent with each connection to the proxy server. verified branch winNT 20020522
Keywords: verified1.0.0
Keywords: fixed1.0.0
*** Bug 132874 has been marked as a duplicate of this bug. ***
verified - winNT4 11/21/02 trunk - confirmed with packet trace that proxy-authentication header sent with each connection
Status: RESOLVED → VERIFIED
Whiteboard: [adt1 RTM][fixed trunk] → [adt1 RTM]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: